Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
File:                     r39NEPAZQ0EHs7XcU6yakZjFxH0.mft (raw, json)
Hash identifier:          7ClA/P7kUNI0q7qiTEM3WRszmQzmU3cmkA/3gnAk+5E=
Subject key identifier:   15:28:AF:F3:12:E4:01:67:A3:6B:FF:61:0C:7C:5D:7C:F1:63:AD:B8
Authority key identifier: AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D
Certificate issuer:       /CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
Certificate serial:       019A725CF43572AE6298A7DA91BD0B01E9D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
Manifest number:          0F0E
Signing time:             Tue 11 Nov 2025 10:01:25 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:25 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:25 +0000
Files and hashes:         1: r39NEPAZQ0EHs7XcU6yakZjFxH0.crl (hash: fvKLE7U8gu4UHVOnY/kKX3lOdLRr6t5LwSHtbDvUCyY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:f4:35:72:ae:62:98:a7:da:91:bd:0b:01:e9:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
        Validity
            Not Before: Nov 11 10:01:25 2025 GMT
            Not After : Nov 12 10:01:25 2025 GMT
        Subject: CN=1528aff312e40167a36bff610c7c5d7cf163adb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:79:61:47:6d:35:94:37:50:51:be:2a:45:c2:
                    2a:c9:cc:ce:75:f2:5b:75:ec:bf:88:7c:65:65:32:
                    68:21:9f:39:df:15:5c:f4:91:d3:65:3d:9e:5d:1a:
                    f0:8c:4e:2a:0f:29:40:04:91:2e:3c:51:f5:76:ce:
                    62:3a:5e:83:f3:f1:4d:e6:70:84:e2:a4:a6:c7:bb:
                    b2:0b:3e:98:51:27:8d:b6:9a:9d:d3:e3:9f:75:dd:
                    6d:6f:77:6d:1e:8a:49:8b:40:f0:41:bd:2b:56:e0:
                    f0:ee:9e:a5:c4:a7:96:58:6d:39:73:19:f8:ee:e0:
                    34:0b:62:20:17:c5:db:4a:54:f2:74:b0:f7:80:2b:
                    45:52:98:f3:cd:59:a7:2f:cb:b9:f5:11:59:6f:86:
                    cc:65:57:4f:21:67:19:b6:0a:69:56:ec:aa:da:fa:
                    7a:87:f6:bf:04:20:d2:fe:41:39:4d:6e:95:f2:ac:
                    38:92:3d:e3:66:a5:54:6a:27:51:03:8a:b7:58:2e:
                    7a:a7:1f:c3:d2:8f:4a:88:77:9e:8b:74:84:e0:05:
                    a4:3e:65:71:24:57:3d:de:bc:1e:50:5a:62:68:86:
                    59:f1:bf:bd:73:e0:82:82:a3:55:88:0b:11:6a:1a:
                    da:a3:93:b9:e7:52:fc:8c:e8:4c:d1:25:f6:06:74:
                    4f:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:28:AF:F3:12:E4:01:67:A3:6B:FF:61:0C:7C:5D:7C:F1:63:AD:B8
            X509v3 Authority Key Identifier:
                keyid:AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:d2:4f:e2:cd:90:a0:b6:9b:00:4a:e0:10:c4:1a:eb:84:5c:
         74:57:cc:31:7c:b6:4a:e3:8f:bc:57:c0:75:03:f6:be:e6:1a:
         6c:e2:b1:47:f0:99:08:0e:8f:a3:3c:00:83:c3:fd:25:4f:0b:
         4b:1c:79:27:63:5b:f1:0a:18:65:05:c0:df:dd:53:b7:35:cd:
         23:69:99:7a:a4:25:86:6f:a9:c8:d0:5a:0e:a4:78:f5:0b:10:
         08:b8:78:67:fe:da:e2:c3:a6:6d:31:7a:ea:d2:18:85:1d:98:
         9c:b4:87:8a:c6:03:d7:cd:1a:36:8c:38:df:22:9e:1a:55:94:
         7f:e9:f3:07:68:4a:17:1a:40:2a:e3:34:a2:1b:18:4f:f3:85:
         1c:6d:f3:1c:03:32:06:7c:ac:e3:a3:46:40:20:b7:42:aa:80:
         88:09:aa:4c:39:8e:c6:ae:63:68:12:55:4e:65:da:f3:0d:37:
         13:da:b7:67:33:60:50:8a:24:70:f9:2e:b6:a8:9c:cc:58:23:
         16:41:9d:dd:53:1b:c5:d2:a8:c3:bd:c7:60:62:2d:ad:bf:ed:
         82:1b:aa:4a:09:39:be:5f:a3:e2:76:ae:b8:a7:3c:81:dd:ad:
         55:64:31:7b:e0:1a:c8:df:45:ca:67:54:41:f7:ca:24:b5:f9:
         08:a4:ae:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXPQ1cq5imKfakb0LAenXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmN2Y0ZDEwZjAxOTQzNDEwN2IzYjVkYzUzYWM5YTkxOThj
NWM0N2QwHhcNMjUxMTExMTAwMTI1WhcNMjUxMTEyMTAwMTI1WjAzMTEwLwYDVQQD
EygxNTI4YWZmMzEyZTQwMTY3YTM2YmZmNjEwYzdjNWQ3Y2YxNjNhZGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3lhR201lDdQUb4qRcIqyczOdfJb
dey/iHxlZTJoIZ853xVc9JHTZT2eXRrwjE4qDylABJEuPFH1ds5iOl6D8/FN5nCE
4qSmx7uyCz6YUSeNtpqd0+Ofdd1tb3dtHopJi0DwQb0rVuDw7p6lxKeWWG05cxn4
7uA0C2IgF8XbSlTydLD3gCtFUpjzzVmnL8u59RFZb4bMZVdPIWcZtgppVuyq2vp6
h/a/BCDS/kE5TW6V8qw4kj3jZqVUaidRA4q3WC56px/D0o9KiHeei3SE4AWkPmVx
JFc93rweUFpiaIZZ8b+9c+CCgqNViAsRahrao5O551L8jOhM0SX2BnRPpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBUor/MS5AFno2v/YQx8XXzxY624MB8GA1UdIwQY
MBaAFK9/TRDwGUNBB7O13FOsmpGYxcR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMt
NjE4ZDk1ZmUzOTAxLzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMtNjE4ZDk1ZmUzOTAx
LzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcNJP4s2Q
oLabAErgEMQa64RcdFfMMXy2SuOPvFfAdQP2vuYabOKxR/CZCA6PozwAg8P9JU8L
Sxx5J2Nb8QoYZQXA391TtzXNI2mZeqQlhm+pyNBaDqR49QsQCLh4Z/7a4sOmbTF6
6tIYhR2YnLSHisYD180aNow43yKeGlWUf+nzB2hKFxpAKuM0ohsYT/OFHG3zHAMy
Bnys46NGQCC3QqqAiAmqTDmOxq5jaBJVTmXa8w03E9q3ZzNgUIokcPkutqiczFgj
FkGd3VMbxdKow73HYGItrb/tghuqSgk5vl+j4nauuKc8gd2tVWQxe+AayN9FymdU
QffKJLX5CKSuqA==
-----END CERTIFICATE-----